|
|
Cédric Dufour - GNU/Linux System and Software Engineer(also see my Blah! page) |
|
|
|
| | |
|
E-Mail | cedric.dufour@null.ced-network.net (note) |
|
Location | CH-1860 Aigle (VD) |
|
Nationalities | Swiss / French |
Birthdate | September 9th, 1973 |
|
Languages | French (mother tongue) English (fluent) German (basic) |
|
|
|
|
| |
| | |
|
Personal Software Projects (see my sofware or GitHub pages for further details) |
Python |
|
C/C++ |
|
PHP |
- PHP-URC, a library for designing web-based remote control interfaces
|
Garmin ConnectIQ |
- TowplaneSK, the Towplane Swiss Knife for Garmin ConnectIQ devices
- GliderSK, the Glider Swiss Knife for Garmin ConnectIQ devices
- SunAlmanac, Sunrise/Sunset data for Garmin ConnectIQ devices, along its little-brother PilotSRSS
- PilotAltimeter, a Pilot ICAO/ISA Altimeter for Garmin ConnectIQ devices
- TOTP, a TOTP (RFC6238) implementation for Garmin ConnectIQ devices
|
Miscelleneaous |
- Pi Station, an all-in-one approach to setting up a Raspberry Pi for 24/7 usage, along the Sleepy Pi power-management extension (hat) and other selected hardware, and leveraging Ansible for easy and reproducible configuration.
|
Professional Software Projects (Head Developer) |
Linux Tooling |
|
PHP/Symfony |
- Data Jukebox, a PHP/Symfony bundle which aims to provide - for common CRUD (Create-Read-Update-Delete) operations - the same level of abstraction that Symfony does for forms
- Data Cryptographer, a PHP/Symfony bundle which provides a cryptographer resource/service for common cryptographic operations
|
Exoscale (2019 - now, most recent first) |
Development / Python |
|
Development / GoLang |
|
Deployment / Automation |
|
Security |
- Deployment and integration of HashiCorp Vault for the management of software stacks secrets (SSL certificates, IAM credentials, SSH keys, etc.)
|
Logging |
|
Security |
- New internal Public Key Infrastructure (PKI), leveraging YubiKeys PIV (Applet) for personal access tokens
|
Web |
|
|
Network |
- Upgraded the entire network infrastructure to provide 10Tb/s (Nx40GbE) core and 10GbE edge switching capacity, based on HPE/Aruba switches
|
Python |
|
GNU/Linux / SmartCards |
- Set up PKI smartcards for e-mail signature/encryption as well as two-factor authentication along PAM, MIT Kerberos V (PKINIT), Apache web server - along OpenLDAP authorization - and OpenVPN.
|
GNU/Linux / Time-Serie Database ZFS / High-Availability |
|
GNU/Linux / Virtualization GPU Computation |
- Added GPU computation nodes to the virtualization infrastructure (~30 physical hosts, ~600 cores, ~7.5 TiB RAM, ~400'000 CUDA cores, ~1.5 TiB GPU RAM) along libvirt, PCI passthrough and K.I.S.S. Cluster (KiSC).
|
GNU/Linux / Virtualization High-Availability / Python |
|
GNU/Linux |
- Forked and refactored apparently defunct SystemImager and SALI system imaging and (PXE) deployment stack to our own in-house Simple Imager project/solution.
|
PHP |
|
GNU/Linux |
|
GNU/Linux / Virtualization High-Availability / Network |
|
Network |
- Full network tolopology upgrade and VLAN renumbering along migration to new Fortinet FortiGate-800C firewall cluster and activation of Idiap IPv6 range (2001:620:7a3::/48)
|
GNU/Linux / Virtualization |
- Migration of all virtual servers (∼120 hosts) to a highly-available corosync/pacemaker+KVM/libvirt cluster, based on IBM BladeCenter (servers) and BNT Virtual Fabric (networking) hardware, and coupled with automated network boot (PXE) and image installation
|
Network |
- Upgrade and consolidation of building-wide Wireless LAN infrastructure using HP ProCurve Multi-Service Mobility (MSM) products
|
GNU/Linux / Storage |
- R'Equip project (Lustre-based high performance storage system): initial proof of concept, preliminary tests, requirements analysis, system engineering, hardware provisioning and final commissioning
|
GNU/Linux / Virtualization |
- Virtualization of all servers and services (∼100 hosts) using Linux VServer technology, along with heartbeat (high-availability)/LVS (load-balancing) and Nagios monitoring
|
GNU/Linux / Identity Mgmt |
- Consolidation and extension of the MySQL and LDAP-base identity management system to allow its integration with Eduroam and internal freeradius authentication servers as well as SwitchAAI Shibboleth single sign-on (SSO) portal (pan-academic authentication frameworks)
|
GNU/Linux / Workstations |
|
Network |
- Network migration to multiple VLAN-based segments along with split DNS and DHCP as well as network authentication (802.1X), OpenVPN and enhanced access control using SonicWall appliances.
|
PHP |
- Web-based applications using PHP-APE library: Idiap's Online Recruitment System, Contacts and Relations Manager, Project Management System, Network Access Manager, Project Time Accounting, etc.
|
|
|
|
| |
| | |
|
Operating Systems |
|
Platforms |
|
Software Engineering and Development (Linux-centric) |
Stand-Alone Applications |
|
Web Applications/Services |
|
Databases |
|
Other |
- shell scripting, GIT, debian packaging, cryptography (applied)
|
Linux for the Cloud |
Platform |
|
Virtualization |
|
Monitoring / Observability |
|
Deployment |
|
Security |
|
Linux for the Enterprise |
Network Services |
|
Authentication Services |
|
Mail Services |
|
Storage Services |
|
Remote Access Services |
|
Printing Services |
|
Database Services |
|
Web Services |
|
High-Availability / Load-Balancing |
|
Monitoring / Observability |
|
Deployment |
|
Configuration |
|
Security |
|
Networking |
|
|
|
|
| |
| | |
|
2019.07 - now |
-
Exoscale (Lausanne, CH) - Site Reliability Engineer
www.exoscale.ch
Emphasis on security and Kubernetes.
|
2006.10 - 2019.06 |
-
Idiap Research Institute (Martigny, CH) - Software and System Engineer (employment certificate, in French)
www.idiap.ch
Responsible for Linux systems along network and security architecture.
System engineering and administration (∼200 hosts).
Network engineering and administration (∼1000 ports).
Web applications development (PHP/Symfony).
|
2005.02 - 2006.04 |
-
VS Informatique (Martigny, CH) - IT Engineer (employment certificate, in French)
www.vsinformatique.com
Business customers support.
New tools and services development and setup.
System (Linux/Windows) and network setup, administration and troubleshooting.
|
2001.10 - 2005.01 |
-
Cédric Dufour / Cogito Ergo Soft (Verbier, CH) - Independent Contractor (chamber of commerce registration, in French)
Web applications development.
System (Linux/Windows) and network setup, administration and troubleshooting.
|
1999.03 - 2001.06 |
-
STAR Telecom (Geneva, CH) - Technical Manager (employment certificate, in French)
STAR Telecommunication Ltd (USA)'s swiss branch setup.
Technically responsible for telecommunication infrastructures (Nortel DMS-100E) operations, local network and system (Windows NT4) administration, as well as interconnection projects management; Leading a four-employee team.
Software development (internal tools).
|
1998.02 - 1999.02 |
-
Laboratoire de Traitement du Signal - LTS (EPFL, Lausanne, CH) - Ph.D Student (recommendation letter, in French)
lts5www.epfl.ch
Algorithms research and software development for biomedical images processing and analysis.
|
|
|
|
| |
|
Training and Certifications
| |
|
2011.05 |
- Lustre Workshop - Roland Fehrenbacher and Peter Kruse, Q-Leap Networks (Ehningen, DE)
|
2010.08 |
- Dynamique de gestion de projet - Georges A. Gessler (Martigny, CH)
|
2006.12 |
-
Advanced C++ - Jack Tardy, Digicomp Academy (Lausanne, CH)
Attestation: C++ Avancé (CPA)
|
|
|
|
| |
| | |
|
1992 - 1997 |
-
Engineer in Electricity (low power) - École Polytechnique Fédérale de Lausanne (EPFL, CH) - master
Specializations : electronic, electromagnetism, audio, signal processing and telecommunication
Results : theoretical 8.8/10, practical 8.0/10
|
1988 - 1992 |
-
Scientific Diploma - Collège Claparède (Geneva, CH) - high school
Results : overall 5.6/6
|
|
|
|
| |
| | |
|
|
- Windsurfing, Skiing, Martial Arts (Karate and Kobudo), Mountain Hiking
- Flying: Airplanes (PPL/SEP) and Gliders (SPL)
|
|
|
|
| |
|
|